A study by Germany’s Fraunhofer Institute for Communication, Information Processing and Ergonomics FKIE has found that vendors have failed to fix hundreds of vulnerabilities in their consumer-grade routers.
With so many staff continuing to work from home – and cyber criminals looking to take advantage of the pandemic – this vulnerability is a real concern. We want to provide you and your team with some guidance to make your business better protected.
Flexibility and BYOD A little more on those findings
The study by FKIE involved the examination of 127 different consumer-grade routers, spanning seven large vendors. Unfortunately, the study, released in late June 2020, found security flaws in all the routers it examined. In the organisation’s own words, it called the results “alarming”.
From the report, it’s clear that no router in the home is as secure as it needs to be – even the best devices that were tested had at least 21 critical vulnerabilities and at least 348 rated with high severity.
Why is this so important right now?
The implications of the pandemic make the vulnerability of routers in the home particularly worrying. This is because, even though we’re seeing some businesses return to the office, so many are still working from home and will do so in some form for the foreseeable future. That means many more people could be exchanging sensitive data with their employers via these devices.
Where should I go from here?
First things first, you need a solid cyber security plan for your business. Your plan should consider various elements:
- Anti-malware tools – Firewalls and anti-viral software are crucial lines of defence that will help you to mitigate risks before they reach your network, and reduce security costs and complexity.
- Update and patch management – Nearly all software programs have, or develop, vulnerabilities. Fortunately, software vendors regularly release updates and patches to fix any such weaknesses. Managing these updates is crucial for healthy IT security.
- Proactively managed IT support – Having someone proactively monitoring your infrastructure is incredibly beneficial. A managed internet security service will search for any unwanted programs – protecting the welfare of your system and the sensitive information you hold.
- Mobile device management – Effective mobile device management will ensure that all employee devices are configured, deployed, managed and monitored to prioritise the security of your network, systems and data.
And then there’s the most important thing of all…
Cyber security awareness training
We’ve said it many times before, but it needs repeating: most data loss events and security breaches are due to human error. If you want a secure and productive business, during lockdown and beyond, it is truly worth investing in regular cyber security training for you and your team.
Our cyber security training solution
Our cyber security awareness platform provides effective and engaging interactive training. Using our platform, your team can learn how to identify malicious emails and dubious websites, as well as how to provide the correct responses to online requests for information. To find out more, click here.
Cyber Essentials certification
This UK Government-backed scheme helps businesses protect themselves from cybercrime. It does this by showing businesses what needs to be in place, within their IT infrastructure, to address basic weaknesses and prevent the most common types of cyber-attacks.
As a Cyber Essentials certified company, you can demonstrate compliance with legislation such as the GDPR, and give reassurance to existing and potential customers regarding the security of both your data and IT infrastructure. To find out more, click here.
How Microtrading can help?
As IT security specialists, we can provide comprehensive management of your IT infrastructure – and help you to create or enhance the cyber security plan your business needs right now. Our range of IT security services help to protect our clients proactively, addressing vulnerabilities and threats ahead of time.